package com.kede.api.auth.expression;

import com.kede.api.auth.domain.LoginUser;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;

import java.util.List;

/***
 ** @Author:Pr.li
 ** @Description: 自定义权限验证方法
 ** @Date: create in 2023/4/1 16:46
 ***/
@Component("ex")
public class SecurityAuthtionExpression {


    public boolean hasAuthority(String authority){
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        LoginUser loginUser = (LoginUser) authentication.getPrincipal();
        List<String> permissions = loginUser.getPermissions();
        return permissions.contains(authority);
    }

}
